At Secureframe, we're committed to simplifying and automating the compliance process for organizations of all sizes.

Today, we're excited to announce the launch of Custom Automated Tests (CAT)—a game-changing feature that empowers customers to create tailored automated tests against integration data and automate more of the evidence collection process.

The challenge with standard automated tests

While our out-of-the-box (OOTB) automated tests have streamlined compliance for many small to medium-sized businesses, a one-size-fits-all approach isn't always sufficient. Companies with unique systems, processes, or compliance requirements often find themselves needing more flexibility. Without the ability to customize tests, they've faced challenges such as:

• Modifying existing test logic: For instance, one of our customers takes database backups every three days, but our daily backup test didn't align with their schedule. This mismatch forced them to manually upload screenshots or disable the test entirely.
• Adjusting test scope: Another customer had specific S3 buckets that needed to remain public while others should not. Our standard test evaluated all S3 buckets indiscriminately, leading to false positives and extra work to provide additional evidence.
• Creating new tests on existing data: Other customers had unique GCP access role implementations that weren't compatible with our standard tests, necessitating manual uploads and workarounds.

Introducing Custom Automated Tests

With CAT, you now have the ability to:

• Search resources: Search for any cloud resource in your environment.

• Set test scope: Specify exactly which resources or subset of resources should be included or excluded from tests, ensuring more accurate results.

• Set evaluation criteria: Specify the conditions in which resources returned by the query should pass or fail

• Publish new tests: Leverage the data already integrated into Secureframe to build custom tests that address your unique compliance requirements.

• Edit tests: At any time, you can tweak the logic of published CAT tests as your compliance and security needs evolve.

In our initial release, you'll be able to create custom automated tests against cloud resources for AWS, Azure, GCP, and DigitalOcean integrations.

Watch the video below to see CAT in action.

Benefits of Custom Automated Tests

Secureframe's latest innovation increases adaptability in the Secureframe platform, providing the following benefits.

• Reduce manual work: Minimize the need to pass tests through manual uploads or ignore failing tests due to misalignment with standard tests.
• Increase automation coverage: Expand the scope of what can be automatically tested, capturing more of your compliance requirements without additional effort.
• Enhanced resource visibility: Discover and resolve nuanced asset misconfigurations beyond Secureframe’s default tests.
• Strengthen compliance posture: With more accurate and comprehensive testing, you can confidently demonstrate compliance to auditors and stakeholders.